| 1.1.1.5 Ensure room meeting ID passcode is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.1.20 - MobileIron - Enable SIM Password | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.22 - AirWatch - Enable SIM Password | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 3.003 - System pagefile is cleared upon shutdown. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 4.1 - System Administration Methods - CLI Session Timeout | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | |
| 4.2.1.2 Ensure logging is configured | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.039 - Built-in Admin Account Status | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.6.3 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.6 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.11 Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.7.11 Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| APPNET0064 - .Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance. | DISA STIG for Microsoft Dot Net Framework 4.0 v2r6 | Windows | CONFIGURATION MANAGEMENT |
| Big Sur - Configure Automated Flaw Remediation | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure Automated Flaw Remediation | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| FFOX-00-000006 - Firefox must be configured to not automatically execute or download MIME types that are not authorized for auto-download. | DISA STIG Mozilla Firefox MacOS v6r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002690 - System audit logs must be group-owned by bin, sys, or system. | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN006570 - The file integrity tool must be configured to verify ACLs. | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GOOG-09-999999 - All Google Android 9 installations must be removed. | AirWatch - DISA Google Android 9.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-009600 - Google Android 11 must be provisioned as a fully managed device and configured to create a work profile. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-011-999999 - All Google Android 11 installations must be removed. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-011-999999 - All Google Android 11 installations must be removed. | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-011-999999 - All Google Android 11 installations must be removed. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-010300 - Google Android 14 must be provisioned as a fully managed device and configured to create a work profile. | AirWatch - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-010300 - Google Android 14 must be provisioned as a fully managed device and configured to create a work profile. | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-999999 - All Honeywell Android 9 installations must be removed. | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-914400 - The Samsung Android 7 with Knox must implement the management setting: Container Account blacklist. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| Monterey - Configure Automated Flaw Remediation | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Automated Flaw Remediation | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| MOTO-09-009600 - Motorola Android Pie must be provisioned as a fully managed device and configured to create a work profile. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-999999 - All Motorola Android 9 installations must be removed. | AirWatch - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-999999 - All Motorola Android 9 installations must be removed. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-009600 - Microsoft Android 11 must be provisioned as a fully managed device and configured to create a work profile. | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-009600 - Microsoft Android 11 must be provisioned as a fully managed device and configured to create a work profile. | MobileIron - DISA Microsoft Android 11 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| RHEL-09-651020 - RHEL 9 must use a file integrity tool that is configured to use FIPS 140-3-approved cryptographic hashes for validating file contents and directories. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| VCWN-65-000061 - The vCenter Server for Windows must disable Password and Windows integrated authentication. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | CONFIGURATION MANAGEMENT |
| WG350 IIS6 - A private web server must have a valid server certificate. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WN12-00-000200 - Windows PowerShell must be updated to a version that supports script block logging on Windows 2012/2012 R2. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| ZEBR-10-009600 - Zebra Android 10 must be provisioned as a fully managed device and configured to create a Work Profile. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
